Beschreibung:
Prominent services in the operational portfolio of enterprise information systems are facilities designed to promote information sharing while maintaining control over the integrity and privacy of information. Many organizations employ identity management and authentication for access, and then partition the application domain so that a separate access facility is required for each system. Simple access control lists are used for access control, so flexibility and information sharing is cumbersome and inefficient, often leading to a state where design objectives are easily compromised. A new and groundbreaking service is on the horizon. With dynamic access control employing the new Attribute Based Access Control (ABAC) system, a highly effective means of information sharing, based on the use of attributes, can be achieved, while enhancing efficiency and efficacy among enterprise agencies. This paper provides an introduction to this important service as it applies to federal and non-federal organizational structures.